"The content filtering is good."
"Cisco's technical support is the best and that's why everybody implements their products."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"I like that Cisco Firepower NGFW Firewall is reliable. Support is also good."
"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."
"There are no issues that we are aware of. It does its job silently in the background."
"We have not had to deal with stability issues."
"The solution has been good for fulfilling our basic needs."
"The most valuable feature is robustness."
"The command line in Juniper SRX is extremely powerful, in my opinion. It's one of the best command lines I've used in networking products."
"The firewall features and the routing capability are the most valuable."
"The features that I have found valuable are the ones for the main purpose we are using Juniper - its firewall to protect our network for our internet access."
"Great as an inter-segmentation firewall or border or arch-firewall."
"The most powerful feature in Juniper SRX is definitely NCLS."
"The IPSec configuration is going well."
"There are no problems with the technical support. If a problem occurs it gets resolved immediately with our technical support partners."
"This product offers great protection using the default settings."
"The main features of the solution are the control of the site-to-site network access and the overall features."
"Two of the functionalities we use most are the traffic monitoring and the full panel dashboard. Those are two things that are very useful for us... In addition, it provides us with layered security. It allows us to determine what types of access, to which networks, we want to allow or deny."
"The set up was quite straightforward and we handled it in-house. It took a few hours to deploy the product."
"It saves us time in the respect that we now have the template built for it so we can get in and get it done. We've had much less problem supporting Voice over IP technologies from different companies. Because our client base has grown over the years, we're probably saving 20 to 30 man-hours a month now that we've got this on a good stable level."
"Their support is excellent, and the stability is very good."
"After conducting several tests I found the antivirus is working very well. Additionally, they have a very interesting feature, DNS WatchGuard, which is checking DNS requests for phishing, among other things, and it has caught a lot of unwanted attempts and attacks."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."
"I would like to see improvement when you create policies on Snort 3 IPS on Cisco Firepower. On Snort 2, it was more like a UI page where you had some multiple choices where you could tweak your config. On Snort 3, the idea is more to build some rules on the text file or JSON file, then push it. So, I would like to see a lot of improvements here."
"The ability to better integrate with other tools would be an improvement."
"Cisco Firepower NGFW Firewall can be more secure."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"A major area of improvement would be to have more functionality in public clouds, especially in terms of simplifying it. The high availability doesn't work right now because of the limitations in the cloud."
"The user interface is something that Juniper needs to improve."
"It must be 5G ready. The 5G network is rolling out soon in India, and Juniper must upgrade their firewall slot to the 5G network, or they must manufacture a 5G dongle card for the Juniper firewall. I want Juniper to upgrade their dongle from 4G to 5G. Presently, they have an expansion slot in the SRX 322 series and higher firewalls. In that expansion slot, they can put a 4G mobility SIM card so that whenever our primary link is down, it will automatically connect through this GSM network and form a tunnel."
"J-Web, Juniper Web, is sometimes not working great when users are increasing their internet use. Additionally, they need to improve the GUI, graphical user interface, and the firewall management needs to improve. Their CLI is good, but sometimes the GUI is very slow."
"As a networking person, I don't really have any major issues with this device. Based on my experience of using it in a cluster, it could be more stable. I had an incident when one of the SRXs in a cluster couldn't learn ARP. It is a good solution, but firewalls don't seem to be an area of development for Juniper. They are focusing on data centers, routers, and switches, not firewalls."
"The range of devices should be expanded to include those suitable for a small implementation. Juniper does not have any lower-priced SRX models, useful perhaps for a single ATM or a single bank branch."
"Ongoing costs are something that we need to manage and make sure that we're getting value on."
"While the GUI is pretty good on the Juniper side, there can still be tweaks made to it that will make it even better."
"The solution isn't very granular or detailed."
"The solution is lacking a professional website, they should be updated more often."
"They are working on cloud-based options. However, they do not have the options fully functional in their solution at this time."
"The way Secure Sign-On authentication is happening needs to be improved. When the Secure Sign-On portal is turned on, anybody who comes into the campus, whether he or she is a staff member or a guest, has to go past the initial portal. One of the shortcomings is the username. It shouldn't allow permutations or combinations with upper or lower cases. For example, when there is a username abc, it shouldn't allow ABC or Abc. It should not allow the same username, but currently, two separate people can go in. Therefore, its authentication or validation should be improved, and the case sensitiveness should be picked up. If I have restricted someone to two devices, they shouldn't be able to use different combinations of the same username and get into the third or fourth device. It shouldn't allow different combinations of alphabets to be used to log in."
"The only downside is that it is missing an API, that you can use to easily collect information from it."
"There is room for improvement in the threat protection, data packet inspection, and performance of the solution. Generally, it's just a lower-end product. It does the job but doesn't do it very well."
"Its documentation could be improved. Sometimes, you need to search a bit longer to find what you are looking for."
"Some of the configuration options are somewhat confusing."
"An area for improvement is that when we use a web administration link, there is no security."
More Cisco Firepower NGFW Firewall Pricing and Cost Advice →
Juniper SRX is ranked 4th in Unified Threat Management (UTM) with 37 reviews while WatchGuard Firebox is ranked 3rd in Unified Threat Management (UTM) with 21 reviews. Juniper SRX is rated 7.8, while WatchGuard Firebox is rated 8.2. The top reviewer of Juniper SRX writes "Scalable with good technical support and works well for larger organizations". On the other hand, the top reviewer of WatchGuard Firebox writes "Competent, basic front-end; the ports that I have assigned appear to be unattainable to outsiders". Juniper SRX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Palo Alto Networks WildFire, pfSense and SonicWall NSa, whereas WatchGuard Firebox is most compared with Fortinet FortiGate, pfSense, Sophos XG, Meraki MX and Stormshield Network Security. See our Juniper SRX vs. WatchGuard Firebox report.
See our list of best Unified Threat Management (UTM) vendors and best Firewalls vendors.
We monitor all Unified Threat Management (UTM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.